Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: Re: Re: OSSIM as IDS

Re: Re: OSSIM as IDS

From: <nospam_at_blahblahblaaah.com>
Date: 26 May 2008 14:12:03 -0000
('binary' encoding is not supported, stored as-is) Well, two years ago you needed some skills to make it work. Perhaps you were not available to use the server correlation engine, perhaps you didn't write your own correlation rules, and perhaps you didn't write some plugins for all of this. You can make your own IDS rules, more sophisticated than with snort.

The agent has a easy and powerfull plugin system. So it's not just a frontend of snort. It started with snort as the main plugin but it can collect events from a lot of devices and logs.

Give it a try.

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Received on May 26 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]